Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: hb/7g6Oe6Q0R23iVywFlDFFS3F29ZckqKR3QTw9kFao=
Subject key identifier: F4:A8:B7:E6:BB:CD:55:B1:70:78:52:B9:C4:39:6E:71:AA:3F:2E:49
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2C2B511CA289E3068993DBC08B087BB9E979F84A
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 30 Dec 2024 15:41:18 +0000
ROA not before: Mon 30 Dec 2024 15:36:18 +0000
ROA not after: Mon 29 Dec 2025 15:41:18 +0000
asID: 136787
IP address blocks: 185.189.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:2b:51:1c:a2:89:e3:06:89:93:db:c0:8b:08:7b:b9:e9:79:f8:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:18 2024 GMT
Not After : Dec 29 15:41:18 2025 GMT
Subject: CN=F4A8B7E6BBCD55B1707852B9C4396E71AA3F2E49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:a3:5b:a1:c3:07:d3:93:d6:73:51:88:6e:
f9:95:23:76:9f:59:a7:10:e9:4a:6c:26:e2:50:67:
8a:ef:a5:3a:00:12:1b:06:19:c0:d7:e4:7a:02:dd:
0a:52:4b:8e:1c:5d:e8:ec:ed:12:e4:72:b5:a1:c1:
55:5a:61:90:1a:a6:2e:19:c3:62:5b:d5:67:89:f3:
69:7d:81:fc:c3:90:a9:b4:17:36:30:b5:a6:d8:4d:
60:32:0f:39:88:fc:a5:31:37:09:6d:af:ef:89:42:
76:1e:22:90:ef:98:30:ad:52:56:0d:5d:1a:fd:7e:
42:c3:55:e4:e9:27:e0:42:0c:e9:f4:50:66:d6:cb:
6f:77:4c:d5:d7:ec:db:05:14:29:97:05:90:0a:0e:
a0:dc:bd:31:25:96:bd:08:10:5c:76:0d:62:11:e5:
8e:15:4c:70:e2:4b:24:f9:0e:7a:6b:d6:d6:79:bd:
f4:c7:e6:8a:91:92:71:ff:9b:2b:2c:14:47:ed:9e:
89:98:cc:eb:65:f3:4a:b3:a7:8a:60:fb:c1:cd:83:
1c:e3:54:75:4a:06:b2:12:98:f3:0a:e3:70:58:6c:
30:67:53:06:c2:5a:a2:37:21:23:1a:31:d4:e1:34:
d8:70:84:ff:28:19:4a:5c:d6:75:a8:4d:71:cc:98:
c2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A8:B7:E6:BB:CD:55:B1:70:78:52:B9:C4:39:6E:71:AA:3F:2E:49
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138392e32352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.25.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:d0:6e:54:a2:c2:0b:94:0d:1f:d4:82:b2:4d:cf:de:eb:e8:
d7:e9:26:31:fc:69:ad:5d:3a:7a:cc:97:e0:7d:19:99:66:cd:
aa:b8:8d:e5:0b:f5:0d:fa:16:b2:e0:6b:73:6b:f3:f0:b3:48:
8a:2a:a5:8f:89:8d:9c:41:b0:d7:0e:8d:fa:98:d6:52:e5:d6:
12:ad:16:0d:8b:5d:73:ef:dc:a8:6d:df:bb:5d:6e:9d:1a:11:
02:ce:4e:93:54:91:e9:d6:60:4e:56:5f:52:c8:0f:4a:08:ee:
7f:eb:f3:9c:f2:32:c7:22:4d:0c:af:cc:f5:3e:0a:d4:e6:09:
07:88:f4:cb:c4:b5:4e:59:89:a0:42:31:b6:71:d9:f2:55:da:
3b:5b:dd:6a:06:68:12:2a:05:a2:4c:c2:2f:f7:2a:1d:b5:28:
a4:37:ea:6d:6a:34:d0:3a:65:6b:1c:40:79:97:ef:64:6d:a1:
e5:e1:3c:45:44:1a:17:f5:cb:f5:36:3d:01:a8:fc:5f:6a:cb:
0e:ef:b8:b8:6e:7a:93:cf:0f:48:ef:4d:a8:79:73:fd:34:90:
99:e0:ae:4b:14:f3:e2:34:4b:fc:57:df:de:74:36:df:4a:60:
c7:0c:1d:ed:8a:af:ff:4e:01:c6:57:30:33:02:bd:15:10:23:
78:38:a1:ae
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULCtRHKKJ4waJk9vAiwh7uel5+EowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MThaFw0yNTEyMjkxNTQxMThaMDMxMTAvBgNV
BAMTKEY0QThCN0U2QkJDRDU1QjE3MDc4NTJCOUM0Mzk2RTcxQUEzRjJFNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOLKNbocMH05PWc1GIbvmVI3af
WacQ6UpsJuJQZ4rvpToAEhsGGcDX5HoC3QpSS44cXejs7RLkcrWhwVVaYZAapi4Z
w2Jb1WeJ82l9gfzDkKm0FzYwtabYTWAyDzmI/KUxNwltr++JQnYeIpDvmDCtUlYN
XRr9fkLDVeTpJ+BCDOn0UGbWy293TNXX7NsFFCmXBZAKDqDcvTEllr0IEFx2DWIR
5Y4VTHDiSyT5Dnpr1tZ5vfTH5oqRknH/myssFEftnomYzOtl80qzp4pg+8HNgxzj
VHVKBrISmPMK43BYbDBnUwbCWqI3ISMaMdThNNhwhP8oGUpc1nWoTXHMmMLfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9Ki35rvNVbFweFK5xDlucao/LkkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM4MzkyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5vRkwDQYJKoZIhvcNAQELBQADggEBAGvQblSiwguUDR/UgrJNz97r6NfpJjH8
aa1dOnrMl+B9GZlmzaq4jeUL9Q36FrLga3Nr8/CzSIoqpY+JjZxBsNcOjfqY1lLl
1hKtFg2LXXPv3Kht37tdbp0aEQLOTpNUkenWYE5WX1LID0oI7n/r85zyMsciTQyv
zPU+CtTmCQeI9MvEtU5ZiaBCMbZx2fJV2jtb3WoGaBIqBaJMwi/3Kh21KKQ36m1q
NNA6ZWscQHmX72RtoeXhPEVEGhf1y/U2PQGo/F9qyw7vuLhuepPPD0jvTah5c/00
kJngrksU8+I0S/xX3950Nt9KYMcMHe2Kr/9OAcZXMDMCvRUQI3g4oa4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:51:03 2025 by rpki-client